/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */


#include "nsISupports.idl"

interface nsIX509Cert;

/**
 * An interface for verifying that a given string of data was signed by the
 * private key matching the given public key.
 */
[scriptable, uuid(94066a00-37c9-11e4-916c-0800200c9a66)]
interface nsIDataSignatureVerifier : nsISupports
{
  /**
   * Verifies that the data matches the data that was used to generate the
   * signature.
   *
   * @param aData      The data to be tested.
   * @param aSignature The signature of the data, base64 encoded.
   * @param aPublicKey The public part of the key used for signing, DER encoded
   *                   then base64 encoded.
   * @returns true if the signature matches the data, false if not.
   */
  boolean verifyData(in ACString aData, in ACString aSignature, in ACString aPublicKey);

   /* Sig Verification Error Codes */
  const long VERIFY_OK = 0;
  const long VERIFY_ERROR_UNKNOWN_ISSUER = 1;
  const long VERIFY_ERROR_OTHER = 2;

  nsIX509Cert verifySignature(in string aSignature,
                              in unsigned long aSignatureLen,
                              in string plaintext,
                              in unsigned long plaintextLen,
                              out long errorCode);

};
